CVE-2012-4432

Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction."

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2012/09/17/5	Exploit Patch
http://www.openwall.com/lists/oss-security/2012/09/18/2	Exploit Patch
http://sourceforge.net/news/?group_id=151404
http://optipng.sourceforge.net/	Patch Vendor Advisory
http://secunia.com/advisories/50654	Vendor Advisory
http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2	Exploit
http://www.securityfocus.com/bid/55566
https://exchange.xforce.ibmcloud.com/vulnerabilities/78743

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:optipng:optipng:hg:::::::*
	cpe:2.3:a:optipng:optipng:0.7.0:::::::*
	cpe:2.3:a:optipng:optipng:0.7.1:::::::*
	cpe:2.3:a:optipng:optipng:0.7.2:::::::*

Information

Published : 2012-09-30 20:26

Updated : 2017-08-28 18:32

NVD link : CVE-2012-4432

Mitre link : CVE-2012-4432

JSON object : View

CWE

CWE-399

Resource Management Errors

Advertisement

Products Affected

optipng

optipng

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2012/09/17/5", "name": "[oss-security] 20120917 CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability", "tags": ["Exploit", "Patch"], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2012/09/18/2", "name": "[oss-security] 20120917 Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability", "tags": ["Exploit", "Patch"], "refsource": "MLIST"}, {"url": "http://sourceforge.net/news/?group_id=151404", "name": "http://sourceforge.net/news/?group_id=151404", "tags": [], "refsource": "CONFIRM"}, {"url": "http://optipng.sourceforge.net/", "name": "http://optipng.sourceforge.net/", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/50654", "name": "50654", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2", "name": "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2", "tags": ["Exploit"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/55566", "name": "55566", "tags": [], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78743", "name": "optipng-palette-code-execution(78743)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to \"palette reduction.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-399"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-4432", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-10-01T03:26Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:optipng:optipng:hg:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:optipng:optipng:0.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:optipng:optipng:0.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:optipng:optipng:0.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:32Z"}